The Time to Implement a New Cybersecurity Playbook is Now

With Q1 and the RSA conference in our rearview mirror, many businesses are realizing that despite the best laid cybersecurity plans and strategies they set into motion for 2019, they’re still grappling with the cybersecurity fundamentals. Culture, lack of resources and a defensive mindset still can and do hinder an enterprise’s ability to secure its IT networks. 

There is no quiet period in the world of security; just a rapidly evolving and growing collection of issues and vulnerabilities that require enterprises to be more assertive. Mounting frustration from applying the same strategies and tactics that net the same results sets in and we realize collectively that the time for a new cybersecurity playbook is now – an evolved playbook that embraces new strategies while at the same time doubling down on the cybersecurity basics.

Business conditions and the threat landscape continue to change and increase in complexity, requiring an evolution in an enterprise’s cybersecurity playbook. Here are some of the top trends we’re seeing in 2019 and the best reasons why an evolved cybersecurity playbook is critical.

Ethical Hackers Pave Way for Good Cryptominers - While bad actors will continue to install cryptomining software to execute wider attacks across the enterprise, we'll start to see cryptomining used for good among ethical hackers and organizations. Businesses will employ ethical hackers to look for potential vulnerabilities and attack surfaces in exchange for resources that will allow ethical miners to mine for cryptocurrencies. Organizations will, however, need to have a strong framework in place with in-house cybersecurity staff or an outsourced team to check ethical hackers' tracks to ensure they don’t dig themselves a bigger hole and make the organization more vulnerable.

‘Camouflage and Capture’ Replaces 'Detect and Deny' - As hackers increasingly move to deploy more pre-defined, weaponized packages, attackers are forcing companies to go on offense in fundamentally new ways. The security expert’s traditional go-to approach of ‘detect and deny’ will be a thing of the past. Instead, companies will need to apply resources aimed at disrupting or deceiving hackers. These techniques include setting traps to deceive attackers, establishing honey pots and false data repositories to lure hackers into the open and actively threat hunting in their environments. 

Small and Medium-sized Businesses Face Enterprise-Sized Threats - An increase in attackers' use of automation to launch random attacks will impact small and mid-size businesses more heavily than before – at a rate previously experienced only by large organizations and the enterprise. Coupled with limited resources to monitor and protect workloads, many organizations may see their operations impacted this year, including lost revenue and loss of reputation. This disruption will cause smaller organizations to rethink their cybersecurity practices, compelling them to invest in outside expertise such as monitoring and proactive threat assessment to improve their long-term security posture. 

Companies Target Shadow IT in Earnest - Shadow IT – information technology projects that are managed outside of, and without the knowledge of, the IT department – continues to pose a threat for many organizations. Without visibility into their environment, the potential for security risks snowballs and can include loss of data, loss of confidentiality, and exfiltration of sensitive data. Often these risks are greater when a hacker goes after shadow IT systems, which are not typically as well managed and patched.

In 2019, we expect companies to take stronger steps to bring shadow IT under control, or at least enforce greater transparency. This will lead to greater visibility into systems and automated IT deployments that allow central IT and security teams to gain greater oversight into what were shadow assets and applications. This will require a change in mindset among IT and security teams that have traditionally imposed restrictive and controlling corporate and security governance that has been perceived as slowing progress. Instead, IT and security teams will focus on collaboration with business units and departments, fostering greater cooperation and synergy with IT for easy deployment.

Social Engineers Exploit People’s Trust - We’ve seen the end-user risk evolve over time, but it continues to be the bad actor’s most successful target. When hackers try to infiltrate a system, they will take whatever route is easiest. Today, technology and security have evolved, and vulnerable entry points have become hardened in many cases. This has forced hackers to focus on the weakest link and lowest barrier to entry—the human factor. We saw several examples in 2018, including phishing attacks at UnityPoint and Augusta University, and we expect this trend will continue with tactics such as spear-phishing and other social engineering. 

Deeper Collaboration Leads to More Disclosed Vulnerabilities - The number of vulnerabilities disclosed by the National Vulnerability Database (NVD) will reach record figures by the end of 2019. It's not so much that more vulnerabilities are going to be introduced or exploited, but rather people will be more inclined to bring them to light (from both the public and private sectors), allowing vendors and security practitioners to communicate more effectively and provide necessary patches or solutions more quickly than when working in siloes.

There is too much at stake for businesses large, medium and small not to make security a bigger priority and take more proactive measures. Innovation needs to continue to be the mandate in order to create great customer experiences, but bad actors will be evolving their methods too in order to take advantage.

Deeper collaboration, activating more aggressive strategies, making security a priority among employees, and leveraging more outside expertise are more vital than ever. Are you ready to apply that new playbook?
